<html><head></head><body><div>Hi Félix,</div><div><br></div><blockquote type="cite"><pre>I already faced this problem some times ago, but I was waiting for the release of the new version of OpenSSL on arch to confirm this.
I should have reported thus before the new release of noPoll...
This is observed also with LibreSSL on OS X.
</pre></blockquote><div><br></div><div><br></div><div>Ok, now with latest changes, this should be no longer a problem. Please,</div><div>let us know if the problem still persists with latest SVN. </div><div><br></div><blockquote type="cite"><pre>
The new, recommended way in OpenSSL is (I think) to use TLS_client_method/TLS_server_method. From the doc :
<blockquote type="cite">
TLS_method(), TLS_server_method(), TLS_client_method()
These are the general-purpose version-flexible SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1 and TLSv1.2. Applications should use these methods, and avoid the version-specific methods described below.
</blockquote></pre></blockquote><div><br></div><div><br></div><div>Yes. I've been playing a bit with this but I see they are</div><div>rather new....for example in debian jessie or ubuntu xenial</div><div>16.04 they are not available.</div><div><br></div><div>Anyhow, they are now supported by noPoll (if present)</div><div>by using NOPOLL_METHOD_TLS_FLEXIBLE </div><div><br></div><div><br></div><div><br></div><blockquote type="cite"><div>
I propose for noPoll to use an auto-detection of available methods in the autoconf, and to use TLS_{client,server}_method by default if available.
But I am not an OpenSSL expert at all.
</div></blockquote><div><br></div><div>Ok, by default we cannot use it. First, because it is not </div><div>widely available. Second, because it implies some security</div><div>assumptions which can be problematic in certain circumstances</div><div>(by using flexible TLS, you are accepting peer can downgrade</div><div>the TLS version to the lowest available, for example),</div><div><br></div><blockquote type="cite"><pre>
Moreover, there is a minor issue on OS X :
nopoll-regression-client.c:539:18: error: format specifies type 'long' but the argument has type 'off_t' (aka 'long long') [-Werror,-Wformat]
total_read, stat_buf.st_size, retries);
^~~~~~~~~~~~~~~~
nopoll-regression-client.c:1220:26: error: format specifies type 'long' but the argument has type '__darwin_suseconds_t' (aka 'int') [-Werror,-Wformat]
iterator, diff.tv_sec, diff.tv_usec);
^~~~~~~~~~~~
</pre></blockquote><div><br></div><div>I think both are fixed (SVN versions already have casts)..</div><div><br></div><blockquote type="cite"><pre>
A simple cast should resolve this issue.
Thanks again Francis for your great job !
</pre></blockquote><div><br></div><div>:-) Thank you very much Félix,</div><div>Best Regards,</div><div><br></div><div><br></div><blockquote type="cite"><pre>
Le 26 mai 2016 à 19:36, Chris Severance <<a href="mailto:aur.severach@spamgourmet.com">aur.severach@spamgourmet.com</a>> a écrit :
<blockquote type="cite">
<a href="https://aur.archlinux.org/packages/nopoll/">https://aur.archlinux.org/packages/nopoll/</a>
Not compiling. Something in SSL seems to have changed.
% gcc --version
gcc (GCC) 6.1.1 20160501
Copyright (C) 2016 Free Software Foundation, Inc.
% openssl
OpenSSL> version
OpenSSL 1.0.2h 3 May 2016
OpenSSL> quit
% gcc ... nopoll_conn.c
nopoll_conn.c: In function '__nopoll_conn_get_ssl_context':
nopoll_conn.c:550:35: error: implicit declaration of function
'SSLv3_client_method' [-Werror=implicit-function-declaration]
return SSL_CTX_new (is_client ? SSLv3_client_method () :
SSLv3_server_method ());
^~~~~~~~~~~~~~~~~~~
nopoll_conn.c:550:60: error: implicit declaration of function
'SSLv3_server_method' [-Werror=implicit-function-declaration]
return SSL_CTX_new (is_client ? SSLv3_client_method () :
SSLv3_server_method ());
^~~~~~~~~~~~~~~~~~~
nopoll_conn.c:550:23: error: passing argument 1 of 'SSL_CTX_new' makes
pointer from integer without a cast [-Werror=int-conversion]
return SSL_CTX_new (is_client ? SSLv3_client_method () :
SSLv3_server_method ());
^~~~~~~~~
In file included from ./nopoll_private.h:46:0,
from nopoll_conn.c:50:
/usr/include/openssl/ssl.h:2131:10: note: expected 'const SSL_METHOD *
{aka const struct ssl_method_st *}' but argument is of type 'int'
SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
^~~~~~~~~~~
</blockquote>
----
Félix Faisant - xif.fr - PGP Pub Key footprint : CE67 00AE C4C3 2446 032C F89A 4E4F A7AF F464 8355
_______________________________________________
noPoll mailing list
<a href="mailto:noPoll@lists.aspl.es">noPoll@lists.aspl.es</a>
<a href="http://lists.aspl.es/cgi-bin/mailman/listinfo/nopoll">http://lists.aspl.es/cgi-bin/mailman/listinfo/nopoll</a>
</pre></blockquote><div><span>-- <br><div><div>Francis Brosnan Blázquez - ASPL</div><div>91 134 14 22 - 91 134 14 45 - 91 116 07 57</div><div><br></div><div><a href="http://aspl.es">http://aspl.es</a></div><div><a href="http://asplhosting.com">http://asplhosting.com</a></div><div><a href="http://twitter.com/aspl_es">http://twitter.com/aspl_es</a></div><div><a href="http://twitter.com/asplhosting">http://twitter.com/asplhosting</a></div><div><br></div><div>AVISO LEGAL</div><div><br></div><div>Este mensaje se dirige exclusivamente a su destinatario. Los datos</div><div>incluidos en el presente correo son confidenciales y sometidos a secreto</div><div>profesional, se prohíbe divulgarlos, en virtud de las leyes vigentes. Si</div><div>usted no lo es y lo ha recibido por error o tiene conocimiento del mismo</div><div>por cualquier motivo, le rogamos que nos lo comunique por este medio y</div><div>proceda a destruirlo o borrarlo.</div><div><br></div><div>En virtud de lo dispuesto en la Ley Orgánica 15/1999, de 13 de</div><div>diciembre, de Protección de Datos de Carácter Personal, le informamos de</div><div>que sus datos de carácter personal, recogidos de fuentes accesibles al</div><div>público o datos que usted nos ha facilitado previamente, proceden de</div><div>bases de datos propiedad de Advanced Software Production Line, S.L.</div><div>(ASPL). No obstante, usted puede ejercitar sus derechos de acceso,</div><div>rectificación, cancelación y oposición dispuestos en la mencionada Ley</div><div>Orgánica, notificándolo por escrito a:</div><div>ASPL - Protección Datos, C/Antonio Suárez 10 A-102, 28802, Alcalá de</div><div>Henares (Madrid).</div><div><br></div></div></span></div></body></html>